On Mon, 07 Aug 2006 19:38:06 -0600 "Berg, Michael" <[EMAIL PROTECTED]> wrote:
> >> And just for completeness, here are the contents of my ldap.conf file
> >> ==========
> >> BASE dc=mydomain,dc=dyndns,dc=org
> >> URI ldap://ldap.mydomain.dyndns.org
> >> TLS_CIPHER_SUITE HIGH:!ADH
> >> TLS_CACERT /etc/ssl/certs/mydomain.dyndns.org_CA.pem
> >> TLS_REQCERT demand
> >> TLS_CRLCHECK none
> >> ==========
> >>
> > This is the complete content of ldap.conf on the clients?
>
> Those are the only uncommented lines in my ldap.conf files.
>
> >> I even tried purging slapd, reinstalling it, and re-populating it from
> >> scratch (I didn't just reload a DB backup).
> >>
> >> The fresh install worked fine as non-root until a reboot - at which point
> >> the problem described above returned and TLS connections fail.
> >>
> > That's strange.
>
> I thought so too.
>
> > Can you please send the output of: ldapsearch -x -ZZ -d 7
>
> Output is attached.

Thanks for the output, but I still don't see why it's failing. The only thing I see on the OpenLDAP mailing list about this is when you connect on the SSL port and try to do starttls.

Can somebody with some more SSL knowledge comment here?

Regards,

Matthijs Mohlmann
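A way to rule out the one cause mentioned in the reply (StartTLS requested against the SSL port) and to confirm the certificate policy in the quoted ldap.conf; this is an added example, not part of the original thread. The function names are hypothetical, and treating port 636 as the SSL listener is an assumption based on the usual convention.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.
# Print an option's value; names match case-insensitively, and if an option
# is repeated the last line wins (a simplification made for this example).
conf_get() {  # usage: conf_get FILE OPTION
    awk -v key="$2" '
        /^[ \t]*(#|$)/ { next }
        toupper($1) == toupper(key) { $1 = ""; sub(/^[ \t]+/, ""); val = $0 }
        END { print val }' "$1"
}

# StartTLS (-ZZ) upgrades a plain ldap:// session; returns 1 on a mismatch.
starttls_check() {  # usage: starttls_check FILE
    rc=0
    for uri in $(conf_get "$1" URI); do
        case "$uri" in
            ldaps://*) echo "MISMATCH $uri: already TLS, do not add -ZZ"; rc=1 ;;
            ldap://*:636|ldap://*:636/*)
                echo "MISMATCH $uri: 636 is the conventional SSL port"; rc=1 ;;
            ldap://*) echo "OK $uri: StartTLS applies" ;;
            *) echo "SKIP $uri: not an ldap:// or ldaps:// URI" ;;
        esac
    done
    return $rc
}

# Returns 1 when TLS_REQCERT lets a session continue with a bad certificate.
reqcert_check() {  # usage: reqcert_check FILE
    v=$(conf_get "$1" TLS_REQCERT)
    case "$v" in
        never|allow) echo "WEAK TLS_REQCERT=$v"; return 1 ;;
        "") echo "UNSET TLS_REQCERT: library default applies" ;;
        *) echo "OK TLS_REQCERT=$v" ;;
    esac
}

# The client configuration quoted in the thread, written to a temp file.
conf=$(mktemp)
trap 'rm -f "$conf"' EXIT
cat > "$conf" <<'EOF'
BASE dc=mydomain,dc=dyndns,dc=org
URI ldap://ldap.mydomain.dyndns.org
TLS_CIPHER_SUITE HIGH:!ADH
TLS_CACERT /etc/ssl/certs/mydomain.dyndns.org_CA.pem
TLS_REQCERT demand
TLS_CRLCHECK none
EOF
starttls_check "$conf" || true
reqcert_check "$conf" || true
```

Both checks pass for the configuration as quoted, so the StartTLS-on-SSL-port cause would only apply if the server URI or port were overridden elsewhere, for example on the command line.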